John Beerman, David Berent, Zach Falter, S. Bhunia
A Review of Colonial Pipeline Ransomware Attack
2023 IEEE/ACM 23rd International Symposium on Cluster, Cloud and Internet Computing Workshops (CCGridW), 2023-05-01
DOI: 10.1109/CCGridW59191.2023.00017
In April 2021, a ransomware attack occurred on Colonial Pipeline. The details of this attack point to the hacking group DarkSide taking advantage of design flaws in the Colonial Pipeline network. After extensive research, the specifics of this attack were related to VPN access through an unused account. In order to regain control of its systems, Colonial Pipeline paid the attackers. This act has only created an incentive for similar attacks across the nation. The events of this attack have had a very negative impact on both the United States, where the company is located, and the world. This paper analyzes the attack using published data and provides a detailed attack methodology. From the attack methodology, the focus then shifts to the impacts that an attack of this caliber had on the company, the United States, and the world. We then outline possible defense strategies against this type of ransomware attack, analyzing what could have been done to prevent it from happening. In addition, we detail how companies can prevent future attacks of this caliber. Finally, we wrap up our findings and detail the key takeaways of the entire attack.